Losing Session Variables within Frames
-
Greetings, I have just developed a content-managed, database-driven application application that makes heavy use of postbacks and session variables. We own the domain that the site was designed to be hosted on, however, the customer does not want our URL showing. The solution our firm has used in the past is to just put the entire application within a frameset with the top frameset at 0% and the bottom one at 100%, thus the only file that needs to live on the customer's site is the frameset itself. In this case, the frameset is a Cold Fusion page but there is no server-side logic--just the HTML frameset. It is a cold fusion page because I'm told this is what worked in the past. They are running the .NET framework on the server but I don't know if they have any .NET sites up there. I was told that this should work because all of the code to run the application should work fine because everything should be self-contained within the frame, however, anytime a postback is done, it tends to lose all of its session variables. To further complicate matters, the same frameset, let's call it frameset.cfm works fine when both the frameset page and application are hosted on the same server, but when only the frameset.cfm page is moved to the client's server, the sessions fail, especially on pages with postbacks. Could someone explain to me what is going on and help me come up with a workaround? Because we need to contact the customer's IT department each time a file is placed on their server, we are hoping to involve them as little as possible. My next step is going to be to create a frameset.aspx page that will live on their server but I am told that our firm has never had a problem with the frameset.cfm files before... Ohh, and lastly, It always works in Firefox, and sometimes works in IE. On some IE 8 machines it works all the time, on some IE 8 machines it works most of the time, and on some IE8 machines it fails most of the time... Thanks in advance
-
Greetings, I have just developed a content-managed, database-driven application application that makes heavy use of postbacks and session variables. We own the domain that the site was designed to be hosted on, however, the customer does not want our URL showing. The solution our firm has used in the past is to just put the entire application within a frameset with the top frameset at 0% and the bottom one at 100%, thus the only file that needs to live on the customer's site is the frameset itself. In this case, the frameset is a Cold Fusion page but there is no server-side logic--just the HTML frameset. It is a cold fusion page because I'm told this is what worked in the past. They are running the .NET framework on the server but I don't know if they have any .NET sites up there. I was told that this should work because all of the code to run the application should work fine because everything should be self-contained within the frame, however, anytime a postback is done, it tends to lose all of its session variables. To further complicate matters, the same frameset, let's call it frameset.cfm works fine when both the frameset page and application are hosted on the same server, but when only the frameset.cfm page is moved to the client's server, the sessions fail, especially on pages with postbacks. Could someone explain to me what is going on and help me come up with a workaround? Because we need to contact the customer's IT department each time a file is placed on their server, we are hoping to involve them as little as possible. My next step is going to be to create a frameset.aspx page that will live on their server but I am told that our firm has never had a problem with the frameset.cfm files before... Ohh, and lastly, It always works in Firefox, and sometimes works in IE. On some IE 8 machines it works all the time, on some IE 8 machines it works most of the time, and on some IE8 machines it fails most of the time... Thanks in advance
I am in the same spot you are, only difference is the hosting site calling my frame is a PHP site. Same issues. If I host the parent site no problems. If they are the Parent site, then problems (not holding session variables). The problem is introduced when you have cross domain sites communicating. You cannot access the parent information and the parent cannot access the child. That being said, I would think my session variables on my server would be maintained for that session. Today, literally, I changed my response.redirect calls to server.transfer calls. Tonight I'll push the pages and begin testing. More to report tomorrow.
-
I am in the same spot you are, only difference is the hosting site calling my frame is a PHP site. Same issues. If I host the parent site no problems. If they are the Parent site, then problems (not holding session variables). The problem is introduced when you have cross domain sites communicating. You cannot access the parent information and the parent cannot access the child. That being said, I would think my session variables on my server would be maintained for that session. Today, literally, I changed my response.redirect calls to server.transfer calls. Tonight I'll push the pages and begin testing. More to report tomorrow.
Good luck with that. Sadly I did that already too. I also neglected to mention that all of the pages where this problem occurs are master pages and things seem highly dependent on the postback. The fact that it works on Firefox has me more confused and wonder how much of it is client-side vs. server side. The next step that was suggested to me is changing all of the logic that involves session variables to query strings but that will prove to be a pretty intense over-haul on a site that has already been thoroughly tested. Let me know if you have any luck with your conversion though, let me know if it works.
-
Good luck with that. Sadly I did that already too. I also neglected to mention that all of the pages where this problem occurs are master pages and things seem highly dependent on the postback. The fact that it works on Firefox has me more confused and wonder how much of it is client-side vs. server side. The next step that was suggested to me is changing all of the logic that involves session variables to query strings but that will prove to be a pretty intense over-haul on a site that has already been thoroughly tested. Let me know if you have any luck with your conversion though, let me know if it works.